Index. Advertisers gleaning /browser information,

Transcription

1 13Shea Index.qk 4/3/02 1:25 PM Page 183 Index A Absolute security, xvii Acceptable risk assessing, 6 defined, xvii Access Control defined, xvii granting to files, network security and, Access Control Lists. See ACLs (Access Control Lists) Access, network Access Control, denying, directory, remote, Access tokens, Account policies, ACLs (Access Control Lists) defending against hackers, 134 defined, 169 overview of, 25 sharing data, 41 Windows 2000 server and, Acronyms, security, Active Content, Web security, Administrative shares, deleting on NT servers, Administrator/Owner role, home users, Administrators controlling access/rights, granting privileges, 27, Web browsing precautions for, 156 Windows NT, creating false accounts, 80 Windows NT, renaming accounts, 54 Advertisers gleaning /browser information, 103 tracking user behavior, 121 Algorithms, encryption, 22 AllowedPaths Key(s), securing NT servers in Registry, Antivirus software/resources. See AV (Antivirus) software Application layer filtering server security with, Attachments, , 113 AU (Authenticated Users) granting access with, Audit logs managing privileges for, 38 parsing for Internet security, 99 Auditing Internet security, turning on, 97 levels of, NT servers, turning on, 72 73, privilege, 38 Authentication, xvii AV (Antivirus) software Internet security with, 97 overview of, reducing risk with, Web resources for, , B Back doors, 170 Back Orifice (BO), 94, 170 Backing store, 183

2 13Shea Index.qk 4/3/02 1:25 PM Page Bibliography Backups overview of, 42 protecting computer with, user privileges for files/ directories, 35 virus protection and, 150, 151 Banner ads, 103, 121 Base Objects, NT servers, Batch jobs, 38 BlackIce Defender alerting when under attack, 137 overview of, 50 Blockers, filtering junk , Blowfish, 100 BO (Back Orifice), 94, 170 Border control overview of, 46 server security using, 68 Browsers patches, sandbox/security settings, 125 security zones, upgrading and, 151 Buffer overruns, software security, 142 C Cable modem connections, 96, 170 Change Permission, files/directories, 31 Checklists, security , 118 Internet, 105 network, risk assessment, 9 14 server, Virus and Trojan horse, 157 Web, Windows workstation, Classification, data risk assessment, 3 4 risk checklist, 9 14 Clean systems, 147 Code Red worm, 148 Collectors assessing risks from, 8 Computer Management applet, Windows 2000, Computer virus. See viruses Computers incident response centers, protecting, 5 Workgroup vs. Domain, 34 Computers, Windows-based, general practices, Homestead example, 45 small businesses only, Windows 9x, Windows NT 4.0, Connections assessing security risk of, xxii being watched on Internet through, Cable modem connections, 96, 170 detecting intruders, 138 types of Internet, Control Panel, Windows 2000, Cookies Web security and, Costs, security risk assessment vs., 1 2, 6 risk checklists and, 9 14 Crack, Crackers always-on connections and, 24 assessing risks from, 8, xxi encryption strength and, Internet security and, updating patches and, Create Files/Write Data permission, 30 Create Folders/Append Data permission, 30 Critical data, 170 Ctrl-Alt-Del, 170 D DACL (Discretionary or User Defined ACL), 25 DARPANET, 108

3 13Shea Index.qk 4/3/02 1:25 PM Page 185 Index 185 Data assessing risks, 3 4, 6 backups, 42 classification, 3 4, 9 14 defining important, 172 protecting, 4 DDE (Dynamic Data Exchange), 171 Debugging, user privilege for, Delete permission, 31 Delete Subfolders and Files permission, 31 Denial of Service. See DoS (Denial of Service) Denied Access messages, 39 Deny All, Grant Explicit permission excessive privileges and, file/directories and, 33 overview of, vs. Grant All, Deny Explicit, Device drivers, privilege for loading/unloading, 37 DHCP (Dynamic Host Configuration Protocol), Dial-up connections, 96 Digital Subscriber Line (DSL), 96, 171 Directories controlling access, granting permissions, providing access, securing NT servers, user privileges for, 35, 39 Discretionary or User Defined ACL (DACL), 25 Disk quotas, 37 DNS Clients, Windows 2000, 84 DNS (Domain Naming System) messages, 110 redirecting, DNS Servers, Windows 2000, 85 Domain controllers Domain Controller Account Database, 171 user privileges for, 35 Windows 2000 service, 85 Domain Naming System (DNS). See DNS (Domain Naming System) Domain Users, Domains, DoS (Denial of Service) hoaxes and, 156 Internet security and, 94 Drives partitions, 171 securing Windows NT 4.0, DSDM (Dynamic Shared Data Manager), 171 DSL (digital subscriber line), 96, 171 Dynamic Data Exchange (DDE), 171 Dynamic Host Configuration Protocol (DHCP), Dynamic Shared Data Manager (DSDM), 171 E E-commerce security, security, See also AV (Antivirus) software checklist, 118 getting off lists, Homestead example, 107 how works, opening files from unknown sources, 51 overview of, virus/worms, 148 weaknesses, attachments, 113 weaknesses, DNS redirection, weaknesses, Read as HTML option, 112 weaknesses, scripting issues, weaknesses, spam, weaknesses, spoofing, EFS (Encrypted File System), Windows 2000 enabling, 88 encryption with, 100

4 13Shea Index.qk 4/3/02 1:25 PM Page Index Encryption , 112 Internet security and, overview of, Quicken, Event logs Windows 2000, 84 Windows NT, 75 Everyone Else role, network user security, 26 Everyone Full Control permission, sharing files, Everyone Read permission, sharing files, Exploits, Exposure assessing risk and, 1 2, 9 14 F FAT 16/32, File infector, viruses, 148 File Replication Service, Windows 2000, 85 File Transfer Protocol (FTP), , 171 Files auditing,setting, detecting intruders, 138 file extensions, unhiding, opening from unknown sources, remote access, Windows 2000, Windows NT 4.0, Files, network security controlling access/rights, granting permissions, NT servers, sharing, user privileges for, 35, 39 Filters, junk , Financial data assessing risk to, 4 hackers and, Firewalls border control with, 46 Internet security with, 98 personal, server security with, 68 FreeBSD Security Issues, 161 FTP (File Transfer Protocol), , 171 Full Control permission, 31, 32 G Grant All, Deny Explicit permission Deny All, Grant Explicit vs., granting file/directory permissions, 33 Groups directory permission, 32 file permission, 31 user, Windows NT 4.0, 54 Guest account, Windows NT 4.0, 54 H Hack, Hackers always-on connections and, 24 assessing risks from, 8, xxi getting information from Web sites, Internet connections and, Quicken encryption and, watching you on Internet, Hackers, defending against, attacks and penetrations by, determining if you are a target, 134 extent of current problem, finding help, Homestead example, logging and auditing, social engineering attacks, who to blame, Happy99.exe worm, 140 Hardware assessing risk of failed, 7

5 13Shea Index.qk 4/3/02 1:25 PM Page 187 Index 187 crackers/hackers and, xxi Help, defense against hackers, Hoaxes, Homestead example assessing risk, 1 defending against hackers, security, 107 how to use, xiii Internet security, 93 introduction to, xiv-xvi network security, server security, 67 Web security, 119 Hotfixes overview of, 48 staying current on, 47 HTML (Hyptertext Markup Language), security avoiding, 151 turning off Read as HTML, 112 HTTP (Hyptertext Transfer Protocol), 172 Human error data loss and, 7 8 Grant All vs. Deny All and, Hyperlinks history of, 120 Hyptertext Transfer Protocol (HTTP), 172 I I Love You worm, 148 Identity, online identity theft and, 104 protecting, 4 5 Identity theft, 104, 172 IE (Internet Explorer) security settings that Prompt, 125 security zones, IETF (Internet Engineering Task Force), 172 IMAP (Internet Mail Access Protocol), , 172 Important data, 172 Infection, virus, 146 Integrated services digital network (ISDN) connection, 96, 172 Internal clocks, user privileges, Internet Engineering Task Force (IETF), 172 Internet Explorer (IE) security settings that Prompt, 125 security zones, Internet Mail Access Protocol (IMAP), , 172 Internet (net) comparing Web with, 120 Internet Protocol Security (IPSec), 84 87, 173 Internet security, See also Hackers, defending against advanced measures, basic measures, 97 checklist, 105 Homestead example, 93 privacy issues, types of connections, who is watching you, Internet service provider (ISP), 172 IP addresses, static vs. dynamic, IPSec (Internet Protocol Security), 84 87, 173 ISDN (integrated services digital network) connection, 96, 172 ISP (Internet service provider), 172 J JavaScript, 173 Junk mail. See UCE (unsolicited commercial ) K Kerberos Key Distribution Center, Windows 2000, 85 Keys, encryption lengths of, 22 overview of, protecting Registry with, technology for, 100

6 13Shea Index.qk 4/3/02 1:25 PM Page Index L Laws anti-spam, 116 banner ads and, 121 getting off lists, 117 Layered security, networks, Legal Notice, displaying at logon, Linux Security Issues, 161 List Folder/Read Data, permission, 30 Local Security Authority (LSA), 173 Local Users and Groups System Tool, Administrative tools, Locked pages, privilege for, 37 Logging appropriate levels of, turning on, 41 Logical Disk Manager, Windows 2000, 84 Logon as batch job, 38 displaying Legal Notice, Internet security and, 97 Windows NT 4.0, 54 Windows NT servers, LoveLetter worm, 148 LSA (Local Security Authority), 173 M Macro virus infection, 148 Mailing lists, security information, MBR (Master Boot Record), viruses and, 147, 173 Microsoft. See also Windows operating system management, 81 server security checklist, 88 Microsoft Developer Network (MSDN), 81 Microsoft Security Bulletin, 143 Mitigation assessing risk and, 1 2 defined, 173 risk checklists and, 9 14 Modify permission directories, 32 files, 31 Moore s Law, 22 MSDN (Microsoft Developer Network), 81 Multi-homing, 69, 173 N NAT (network address translation), 99, 173 National Infrastructure Protection Center (NIPC), 47 Natural disasters, assessing risk, 7 Navigation bars, Web page security, 126 Net. See Internet Net Logon, Windows 2000 service, 85 Network address translation (NAT), 99, 173 Network Interface Card (NIC), 173 Network security, access/rights, defining, checklist for, data backups, 42 denying access, encryption or clear, file/directory access, Grant All vs. Deny All, grouping users, Homestead example, in-depth or layered, rights/privileges, granting, sharing files, users and their roles, NIC (Network Interface Card), 173 Nimda worm, 148 NIPC (National Infrastructure Protection Center), 47 NT LM Service Provider, Windows 2000, 85 NTBugTraq, 144 NTFS, Windows NT 4.0, 56 O Obfuscation, 18, xviii Open Systems Interconnection model (OSI), 70, 173 Operating System Directory, Windows, OS (operating systems) assessing security risk of, xxii Microsoft resources for managing, 81

7 13Shea Index.qk 4/3/02 1:25 PM Page 189 Index 189 user privileges for, 35 vulnerabilities to hackers, 133 OSI (Open Systems Interconnection) model, 70, 173 Other data, defined, 173 P P3P (The Platform for Privacy Preferences Project), , 174 Packet filtering, 69, 173 Packets, defined, 173 Pagefiles, 36, 173 Passwords cookies and, Internet security and, 97 overview of, 25 protecting, 53 Patches browser security with, overview of, Windows NT servers, 71 Payload, viruses, 146 Performance data, Windows NT servers, Permissions denying access, Grant All vs. Deny All, granting access, 57 list of file/directory, Registry protection, sharing data, Personalization, Web sites, 121, 122 PGP2 (Pretty Good Privacy), 100 Phreak, defined, 173 Physical security, defined, 174 Plain text, security, 151 The Platform for Privacy Preferences Project (P3P), , 174 Plug & Play, Windows 2000 service, 84 Polymorphic, viruses as, 146 POP3 (Post Office Protocol 3), , 174 Ports, 174 Power surges, 7, 51 Privacy, online Internet security issues, protecting, 5 Web security and, Private keys, defined, 174 Privileges browsing Web and, 156 defined, 34, 174 Domain vs. Workgroup computers, 34 granting excessive, User Rights and, 25, 27, Windows NT 4.0, 58 Process, defined, 174 Profiling (performance sampling), privilege for, 38 Prompt, Internet Explorer security settings, 125 Protected Storage, Windows 2000 service, 84 Protocol isolation, 69, 174 Protocols, defined, 174 Proxy servers defined, 174 Internet security and, server security and, Public keys, defined, 174 Q Quicken program, hackers and, R RAM memory, 38, 174 Read and Execute permission, 31, 32 Read as HTML, security, 112 Read Attributes permission, files/directories, 30 Read Extended Attributes permission, files/directories, 30 Read permission, 31, 32 Registry defined, 174 keys, Windows NT server, overview of, 56 protecting, remote access, granting, 61 Registry Editor displaying Legal Notice before Log- On, 62 protecting Registry with, Security Configuration Editor, 63

8 13Shea Index.qk 4/3/02 1:25 PM Page Index Relative security defined, 174 encryption depending upon, 23 Remote Procedure Call (RPC), 84, 174 Remote Registry Service, Windows 2000, 84 Replaceable Data, defined, 174 Request for Comment (RFC), 175 The Resource Kit, 81 Resources. See Web site resources RFC (Request for Comment), 175 Rights and Privileges, User defined, 176 granting, granting excessive, overview of, 25 Rights, network security and, Risk, assessing, 1 14 acceptable risk, 5 6 Administrator accounts, 27 areas that need protection, 4 5 checklists for, 9 14 data classification, 3 4 Homestead example, 1 overview of, 1 2 protecting Registry, questions for, xxii what/who you are protecting from, 7 9 Risk, Role-Based Access Model, 175 Roles users and, Routing, RPC Locator, Windows 2000, 85 RPC (Remote Procedure Call), 84, 174 RunAs service, Windows 2000, 84 S SACL (System Defined ACL), 25 Sandboxes, 125 Satellite system connection, 96 SCE (Security Configuration Editor), 63 Scheduling priority user privilege for increasing, 37 Screen-savers, password-protecting, 53 Script kiddies assessing risks from, 8 Internet security and, Scripting Active Content on Web, security, HTML and, 112, 151 security, overview of, Secure channels,, 126 Secure channels, 175 Secure Sockets Layer (SSL), 126, 175 Security assessing, xxi-xxii key concepts of, xvii-xviii terminology, Security Accounts Manager, Windows 2000, 84 Security audits user privilege for generating, 37 user privilege for managing, 38 Security Configuration Editor (SCE), 63 Security Focus Web site, 144 Security in-depth, 16 19, 175 Security Log, accessing/viewing, 137 Security Policy Settings, Windows 2000, Security tab Internet Explorer, Windows NT 4.0, 55 Security zones browser, defending vs. threats with, Self-replication, defined, 146 Servers, See also Windows NT, server security checklist for securing, Homestead example, 67 overview of, where to start, Windows 2000, Service packs. See SPs (Service packs) Shares creating shared objects, 36 granting remote access, sharing files, 40 41

9 13Shea Index.qk 4/3/02 1:25 PM Page 191 Index 191 Signing overview of, 100 SMTP (Simple Mail Transfer Protocol), , 175 SNMP (Simple Network Management Protocol), 175 Social engineering overview of, signs of, 141 Software. See also Antivirus software assessing risk of failed, 7 assessing risk of replaceable, 3 opening/downloading, 151 for personal firewalls, 98 security weaknesses in, staying current on, Spam. See UCE (unsolicited commercial ) Spammer, defined, 176 Spoofing, security, SPs (Service packs) overview of, 48 securing NT servers, 71 staying current with, 47, 49 SSL (Secure Sockets Layer), 126, 175 Stealth/stealthy, defined, 146 Subsystems, 176 Symbolic links, 176 SysKey, Windows 2000, 85 System Defined ACL (SACL), 25 System security, defined, 46 System time, user privileges, T Take Ownership permission, files/directories, 31 Tampering, assessing risks of, 7 TCP/IP (Transmission control protocol/internet protocol) defined, 176 filtering, 176 Internet security and, server security, overview of, 69 server security, Windows 2000, server security, Windows NT, 80 TechNet, 81, 176 Telnet, defined, 176 Testing, Internet security, 101 Threads debugging programs and, defined, 176 Tiger teams, 139, 176 Token objects defined, 176 user privilege for creating, 36 user privilege for modifying, Tools editing security and Registry, security analysis, 101 Windows 2000 server, Traverse checking, 176 Traverse Folder/Execute Files permission, files/directories, Trojan horses, active content on Web and, affect of, defined, 147, 176 Homestead example, Internet security and, minimizing risk of exposure, overview of, protection from, 51 security checklist for, 157 U UCE (unsolicited commercial ) assessing risks from, 8 defined, 176 overview of, Updates, virus protection, 150 UPS (Uninterruptible Power Supply), 51 URLs, Web page security and, User Rights and Privileges defined, 176 granting, granting excessive, overview of, 25 Usernames, 25

10 13Shea Index.qk 4/3/02 1:25 PM Page Index Users, network security defining access and rights, Grant All vs. Deny All, granting rights/privileges, grouping, roles of, V VBScript, 177 Vendors, buying online, 128 Virtual memory, 177 Viruses, See also AV (Antivirus) software active content on Web and, affect of, assessing risks of, 7 defined, 177 Homestead example, minimizing risk of exposure, overview of, protection from, 51 security checklist, 157 Web resources for, 166 W W3C (World Wide Web Consortium), 177 Web security, Active Content and, browsers and, checklist for, cookies and, defining WWW, e-commerce and, Homestead example, 119 Web pages and, what they know about you, Web site resources, antivirus-related, , computers incident response centers, DHCP, 97 , encryption and security, 114 editing security and Registry, 63 firewalls, 50, 98 hacker-related, mailing lists, Microsoft server security checklist, 88 patches, 47 The Platform for Privacy Preferences Project, Web and FTP sites, worm infections, 148 Windows 2000 Computer Management applet, Encrypted File System, 100 Professional, compared with Windows NT 4.0, Professional, workstation security checklist, User Rights for, Windows 2000, server security, IPSec filtering, minimum services, Security Policy Settings, special files, SysKey, 85 tightening TCP/IP, 87 using Encrypting File System, 88 Windows 9x Administrator privileges on, 27 antivirus software, 50 granting rights/privileges in, 34 grouping users, 28 limitations of, 26 personal firewalls, safe computing practices, third-party software and, workstation security checklist, 64 Windows ME Administrator privileges on, 27 granting rights/privileges on, 34 grouping users and, 28 limitations of, 26 Windows NT, compared with Windows 2000 security, granting access to files, grouping users on, 28 list of User Rights for, user privileges in, users and groups, 54

11 13Shea Index.qk 4/3/02 1:25 PM Page 193 Index 193 workstation security checklist, Windows NT, server security, access to event logs, 75 AllowedPaths Key(s) in Registry, deleting administrative shares, disabling Log-on caching, disabling unneeded services, false administrator accounts, 80 files/directories, patches/service packs, 71 protecting performance data, Registry keys, removing unneeded subsystems, 77 setting account policies, TCP/IP security, 80 turning on auditing, 72 73, Windows Resource Kit, 177 Windows Scripting Host (WSH), , 177 Windows systems, securing, comparing Windows 2000 Professional with NT 4.0, general practices, Homestead example, 45 small businesses and, specific mailing list for, 161 using this book and, xx -xxi Windows 2000 Professional, Windows 9x, Windows NT 4.0, file access, Windows NT 4.0, user privileges in, Windows NT 4.0, users and groups, 54 Windows NT 4.0, users groups, 28 Windows NT 4.0, workstation security checklist, Windows XP, Workgroups, 34 Workstations adding to domains, 35 checklist for securing, Windows 2000, 84 World Wide Web Consortium (W3C), 177 Worms defined, 147 , 148 social engineering and, 140 Write Attributes permission, files/directories, 31 Write permission, 31, 32 WSH (Windows Scripting Host), , 177 WWW (World Wide Web). See Web security Z Zone Alarm, firewall, 50

12 13Shea Index.qk 4/3/02 1:25 PM Page 194